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DETAILED ACTION 
Claim Rejections - 35 USC §102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

2. Claims 1-33 are rejected under 35 U.S.C. 102(e) as being anticipated by Morisawa et 
al(5,537,544). 

3. As per claim 1, Morisawa discloses a method of enabling use of a secure password(see col 
2, lines 47-56) , during power up initialization before an operating system is started(see col. 10, 
lines 15-27), copying security data from a memory device to a restricted portion of system 
memory which is invisible to the operating system; wherein the restricted portion of the 
computer's system memory contains code and data needed for low level system control functions 
that are independent of the operating system(see col. 2, lines 56-67, col. 3, lines 1-26), and 
wherein a writing of data into the restricted portion of the computer's system memory is 
authorized only for a trusted software entity that has been authenticated as having permission to 
access the restricted portion of the computer's system memory(see col. 6, hnes 31-51); and 
before starting the operating system(see col. 8, lines 15-55), hard locking the memory device 
against direct access so that a reset signal is required to unlock the memory device(see col. 10, 
lines 65-67, col. 11, lines 1-10). 



Application/Control Number: 09/7 1 1 ,028 Page 3 

Art Unit: 2131 

4. As per claim 2, Morisawa et al. discloses responsive to receiving an entered password under 
the operating system(see col. 2, lines 57-67), calling a routine executing within the restricted 
portion of system memory to verify the password(see col. 6, lines 21-40)- and receiving an 
indication from the routine regarding whether the entered password matched a password within 
the security data copied to the restricted portion of system memory from the memory device(see 
col. 7, lines 46-65). 

5. As per claim 3, Morisawa et al. discloses wherein the step of copying security data from a 
memory device to a restricted portion of system memory which is invisible to the operating 
system further comprises: checking a retum address for a call requesting that the security data be 
copied to verify that the call originated with a trusted routine(see col. 8, lines 15-55). 

6. As per claim 4, Morisawa et al. discloses wherein the step of checking a retum address for a 
call requesting that the security data be copied to verify that the call originated with a trusted 
routine includes placing a label within a basic input/output services routine implementing a 
process for copying the security data immediately after instruction(see col. 10, lines 46-67); for 
the call requesting that the security data be copied; placing an address for the label within code 
executing within the restricted portion of system memory and checking the return address for the 
call requesting that the security data be copied(see col. 11, lines 51-62); comparing the retum 
address and the address for the label; responsive to determining that the retum address does not 
match the address for the label, returning a null response to the call requesting that the security 
data be copied; and responsive to determining that the retum address matches the address for the 
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label, copying the security data to the restricted portion of system memory and resetting a retry 
counter(see col 20, lines 33-64). 

5. As per claim 5, Morisawa et al. discloses wherein the step of copying security data from a 
memory device to a restricted portion of system memory which is invisible to the operating 
system further comprises: copying the password and other sensitive data which requires 
protection from access under the operating system(see col. 8, Unes 15-55). 

6. As per claim 6, Morisawa et al. discloses wherein the step of copying security data from a 
memory device to a restricted portion of system memory which is invisible to the operating 
system includes loading the security data to regular system memory prior to initiating the call 
requesting that the security data be copied(see col. 8, lines 15-55, see col. 10, lines 65-67, col. 
11, lines 1-10); and upon receiving any response to the call requesting that the security data be 
copied, erasing the security data from regular system memory before starting the operating 
system(see col 1 1, lines 52-62). 

7. As per claim 7, Morisawa et al discloses a method of enabling use of a secure password, 
responsive to receiving an entered password under an operating system(col 2, lines 47-56), 
calling a routine executing within a restricted portion of system memory to verify the password, 
wherein the restricted portion of system memory is invisible to the operating system and wherein 
the operating system and routines executing within the restricted portion of system memory 
communicate through a calling convention(see col 1 1, lines 51-62); and receiving only an 
indication from the routine executing within the restricted portion of memory regarding whether 
the entered password matched a password stored within the restricted portion of system 
memory(see col 13, lines 17-61). 
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8. As per claim 8, Morisawa et al. discloses during power up initialization before the operating 
system is started, copying a password from a memory device to the restricted portion of system 
memory; and before starting the operating system, hard locking the memory device against direct 
access so that a reset signal is required to unlock the memory device(see col. 8, lines 15-55). 

9. As per claim 9, Morisawa et al. discloses determining whether a password is required for an 
operation by checking with the routine executing within a restricted portion of system memory to 
verify existence of a password(see col. 10, lines 46-67). 

10. As per claim 10, Morisawa et al. discloses limiting a number of retries for a user 
to reenter a password(see col. 14, lines 18-25). 

11. As per claim 1 1 , Morisawa et al. discloses transmitting the entered password entered by a 
user to the routine executing within a restricted portion of system memory using the calling 
convention(see col. 8, lines 15-55); and responsive to receiving an indication from the routine 
executing within the restricted portion of memory that the entered password matched the 
password stored within the restricted portion of system memory, continuing an operation 
requiring the entered password for execution(see col. 10, lines 46-67). 

12. As per claim 12, Morisawa et al. discloses a data processing system, comprising: a 
memory device which may be hard locked against direct access so that a reset signal is required 
to unlock the memory device(see col. 10, lines 46-67, col. 11, lines 1-10); and a power up 
initialization routine executing within the data processing system, wherein the power up 
initialization routine, before starting an operating system, copies security data from the memory 
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device to a restricted portion of system memory which is invisible to the operating system and 
hard locks the memory device(see col. 10, lines 23-37, 46-67). 

13. As per claim 13, Morisawa et al. discloses wherein the power up initialization routine, 
responsive to receiving an entered password under the operating system(see col. 10, lines 23-37, 
46-67), calls a routine executing within the restricted portion of system memory to verify the 
password and receives an indication from the routine regarding whether the entered password 
matched a password within the security data copied to the restricted portion of system memory 
from the memory device(see col. 11, lines 51-62). 

14. As per claim 14, Morisawa et al. discloses wherein the routine executing within the 
restricted portion of system memory checks a retum address for a call requesting that the security 
data be copied to verify that the call originated with a trusted routine(see col 10, lines 23-37, 46- 
67). 

15. As per claim 15, Morisawa et al. discloses wherein the power up initialization routine, to 
facilitate checking a retum address for a call requesting that the security data be copied to verify 
that the call originated with a trusted routine(see col. 10, lines 23-37, 46-67), places a label 
within a basic input/output services routine implementing a process for copying the security data 
immediately after instruction; for the call requesting that the security data be copied, wherein the 
routine executing within the restricted portion of system memory contains an address for the 
label(see col. 10, lines 15-37, 46-67), checks the retum address for the call requesting that the 
security data be copied, and compares the retum address and the address for the label and, 
responsive to determining that the return address does not match the address for the label(see col. 
11, lines 51-62), returning a null response to the call requesting that the security data be copied. 
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and responsive to determining that the return address matches the address for the label, copying 
the security data to the restricted portion of system memory and resetting a retry counter(see col 
20, lines 33-64). 

16. As per claim 16, Morisawa et al. discloses wherein the power up initialization routine 
copies the password and other sensitive data which requires protection from access under the 
operating system(see col 12, lines 59-67, col. 13, lines 1-27). 

17. As per claim 17, Morisawa et al. discloses wherein the power up initialization routine 
loads the security data to regular system memory prior to initiating the call requesting that the 
security data be copied and(see col 10, lines 15-37, 46-67, col 12, lines 59-67, col. 13, lines 1- 
27), upon receiving any response to the call requesting that the security data be copied, erases the 
security data from regular system memory before starting the operating system(see col. 1 1 , lines 
52-62). 

18. As per claim 18, Morisawa et al. discloses an operating system; a memory device which 
may be hard locked against direct access so that a reset signal is required to unlock the memory 
device(see col. 10, lines 15-37, 46-67, col. 12, lines 59-67, col. 13, lines 1-27); a system memory 
including a restricted portion invisible to the operating system(see col. 3, lines 10-41), wherein 
the operating system and routines executing within the restricted portion of system memory 
communicate through a calling convention; and a power up initialization routine executing 
within the data processing system(see col. 11, lines 51-62), wherein the power up initialization 
routine, responsive to receiving an entered password under an operating system, calls a routine 
executing within a restricted portion of system memory to verify the password(see col. 10, lines 
15-37, 46-67), and receives only an indication from the routine executing within the restricted 
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portion of memory regarding whether the entered password matched a password stored within 
the restricted portion of system memory(see col. 12, lines 59-67, col. 13, lines 1-27). 

19. As per claim 19, recites limitations already addressed(see claim 8). 

20. As per claim 20, recites limitations already addressed(see claim 9). 

21. As per claim 21, recites limitations already addressed(see claim 10). 

22. As per claim 22, recites limitations already addressed(see claim 1 1). 

23. As per claim 23, Morisawa et al. discloses a computer program product within a computer 
usable medium for enabling use of a secure password, instructions for copying security data from 
a memory device to a restricted portion of a system memory which is invisible to the operating 
system during power up initialization before an operating system is started(see col. 10, Hnes 15- 
37, 46-67); and instructions for hard locking the memory device against direct access so that a 
reset signal is required to unlock the memory device before starting the operating system(see col 
12, lines 59-67, col. 13, lines 1-27). 

24. As per claim 24, limitations already addressed(see claim 13). 

25. As per claim 25, limitations already addressed(see claim 3). 

26. As per claim 26, Kmitations already addressed(see claim 4). 

27. As per claim 27, limitations aheady addressed(see claim 5). 

28. As per claim 28, Kmitations already addressed(see claim 6). 

29. As per claim 29, limitations aheady addressed(see claim 7). 

30. As per claim 30, limitations ah*eady addressed(see claim 8). 

31. As per claim 31, limitations already addressed(see claim 9). 

32. As per claim 32, limitations already addressed(see claim 10), 
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33. As per claim 33, limitations already addressed(see claim 1 1). 



Response to Amendment 



34. The Arguments were persuasive and therefore, the new art has been applied. 



Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E Jackson whose telephone number is (571) 272-3791. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published appKcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
apphcations is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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